/*package cn.meomis.common.security;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;

import javax.annotation.PostConstruct;
import javax.annotation.Resource;

import org.apache.log4j.Logger;
import org.springframework.context.ApplicationContextAware;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.security.web.util.AntUrlPathMatcher;
import org.springframework.security.web.util.UrlMatcher;
import org.springframework.stereotype.Service;
import org.springframework.web.bind.annotation.InitBinder;
import org.springframework.web.context.WebApplicationContext;
import org.springframework.web.context.support.WebApplicationContextUtils;

import cn.meomis.model.Func;
import cn.meomis.model.FuncUrl;
import cn.meomis.model.Role;
import cn.meomis.model.RoleFunc;
import cn.meomis.service.FuncService;
import cn.meomis.service.FuncUrlService;
import cn.meomis.service.RoleFuncService;
import cn.meomis.service.RoleService;

 
 *  
 * 最核心的地方，就是提供某个资源对应的权限定义，即getAttributes方法返回的结果。 
 * 注意，我例子中使用的是AntUrlPathMatcher这个path matcher来检查URL是否与资源定义匹配， 
 * 事实上你还要用正则的方式来匹配，或者自己实现一个matcher。 
 *  
 * 此类在初始化时，应该取到所有资源及其对应角色的定义 
 *  
 * 说明：对于方法的spring注入，只能在方法和成员变量里注入， 
 * 如果一个类要进行实例化的时候，不能注入对象和操作对象， 
 * 所以在构造函数里不能进行操作注入的数据。 
 
@Service
public class InvocationSecurityMetadataSourceService implements
		FilterInvocationSecurityMetadataSource {
	*//**
	 * Logger for this class
	 *//*
	private static final Logger logger = Logger
			.getLogger(InvocationSecurityMetadataSourceService.class);

	@Resource
	private RoleService roleInfoServiceImpl;
	@Resource
	private FuncService funcService;
	@Resource
	private RoleFuncService roleFuncService;
	@Resource
	private FuncUrlService funcUrlService;


	private UrlMatcher urlMatcher = new AntUrlPathMatcher();
	private static Map<String, Collection<ConfigAttribute>> resourceMap = null;

	public void loadResourceDefine() throws Exception {
		this.resourceMap = new HashMap<String, Collection<ConfigAttribute>>();
		List<Func> resultset = funcService.findAll();
		List<FuncUrl> funcUrls = funcUrlService.findAll();
		for(FuncUrl funcUrl : funcUrls){
			Func func = new Func();
			func.setFunctionId(funcUrl.getFunctionId());
			if(!resultset.contains(func)){
				continue;
			}
			resultset.get(resultset.indexOf(func)).getFuncUrls().add(funcUrl);
		}
		
		for(Func func : resultset){
			List<RoleFunc> roleFuncResultSet = roleFuncService.findByFuncId(func.getFunctionId());
			if(roleFuncResultSet.isEmpty()){
				Collection<ConfigAttribute> atts = new ArrayList<ConfigAttribute>();
				ConfigAttribute ca = new SecurityConfig("NONE");
				atts.add(ca);
				for(FuncUrl funcUrl : func.getFuncUrls()){
					this.resourceMap.put(funcUrl.getUrlInfo(), atts);
				}
				continue;
			}
			Collection<ConfigAttribute> atts = new ArrayList<ConfigAttribute>();
			String roleNames[] = new String[roleFuncResultSet.size()];
			int countDown = 0;
			for (RoleFunc item : roleFuncResultSet) {
				Role role = new Role();
				role.setId(item.getRoleId());
				role = roleInfoServiceImpl.get(role);
				ConfigAttribute ca = new SecurityConfig(role.getRoleName());
				atts.add(ca);
				roleNames[countDown++] = role.getRoleName();
			}
			
			for(FuncUrl funcUrl : func.getFuncUrls()){
				if(logger.isInfoEnabled())
					logger.info("权限功能:"+funcUrl.getUrlInfo()+" | "+Arrays.toString(roleNames));
				this.resourceMap.put(funcUrl.getUrlInfo(), atts);
			}

		}

	}

	// According to a URL, Find out permission configuration of this URL.
	public Collection<ConfigAttribute> getAttributes(Object object)
			throws IllegalArgumentException {
		if (logger.isDebugEnabled()) {
			logger.debug("getAttributes(Object) - start"); //$NON-NLS-1$  
		}
		// guess object is a URL.
		String url = ((FilterInvocation) object).getRequestUrl();
		Iterator<String> ite = resourceMap.keySet().iterator();
		Collection<ConfigAttribute> returnCollection = new ArrayList<ConfigAttribute>();
		while (ite.hasNext()) {
			String resURL = ite.next();
			if (urlMatcher.pathMatchesUrl(resURL, url)) {
				returnCollection = resourceMap.get(resURL);
				break;
			}
		}
		if (logger.isDebugEnabled()) {
			logger.debug("getAttributes(Object) - end"); //$NON-NLS-1$  
		}
		return returnCollection;
	}

	public boolean supports(Class<?> clazz) {
		return true;
	}

	public Collection<ConfigAttribute> getAllConfigAttributes() {
		return null;
	}

	public RoleService getRoleInfoServiceImpl() {
		return roleInfoServiceImpl;
	}

	public void setRoleInfoServiceImpl(RoleService roleInfoServiceImpl) {
		this.roleInfoServiceImpl = roleInfoServiceImpl;
	}

	public FuncService getFuncService() {
		return funcService;
	}

	public void setFuncService(FuncService funcService) {
		this.funcService = funcService;
	}

	public RoleFuncService getRoleFuncService() {
		return roleFuncService;
	}

	public void setRoleFuncService(RoleFuncService roleFuncService) {
		this.roleFuncService = roleFuncService;
	}

	
}*/